I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.

Download Presentation

PowerPoint Slideshow about 'Privacy and Security Tiger Team' - tanaya

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

Support and momentum for the NSTIC initiative is building – expect NSTIC to emerge as the common basis for identity management for both the private and public sectors

Calls for Identity Ecosystem – “an online environment where individuals and organizations will be able to trust each other because they follow agreed upon standards to obtain and authenticate their digital identities”

Emphasis on authenticating identity without disclosing private information will be appreciated by both the healthcare industry and by consumers

Not clear what will cost – business models still emerging

Commercial marketplace is developing solutions based upon NSTIC principles and 800-63-1

ONC’s work to implement this recommendation should be informed by NSTIC and aim to establish trust within the health care system, taking into account provider workflow needs and the impact of approaches to trusted identity on health care on health care quality and safety.

For example, NSTIC also will focus on the capability to pass along key attributes that can be attached to identity. The capability to pass key attributes – e.g., valid professional license – may be critical to facilitating access to data.

ONC should consult with NIST about future iterations of NIST 800-63-1 to identify any unique needs in the healthcare environment that must be specifically addressed.

Both government and private industry are embracing the Federal Identity, Credential, and Access Management (FICAM) Trust Framework and NIST SP 800-63-1

Secure, interoperable and privacy-enhancing process by which federal agencies and private sector can leverage commercially issued digital identities and credentials

Four non-federal organizations have been approved to be Trust Framework Providers (TFPs) – who then assess and accredit commercial identity providers who conform to the USG profiles and abide by the privacy criteria

CMS has identified risks that warrant LOA 3 assurances and will use FICAM-certified credential providers to meet this need